Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/RIJ6JSPeYLct3nu3g9QhU_5dP2Q.roa
File: RIJ6JSPeYLct3nu3g9QhU_5dP2Q.roa (raw, json)
Hash identifier: CSU7tV8y/Z8rcFeIG92pqSkoO6ygAbzKozYmKKalyH4=
Subject key identifier: 44:82:7A:25:23:DE:60:B7:2D:DE:7B:B7:83:D4:21:53:FE:5D:3F:64
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A35B545691CD2D2F92CD74F1B1598944D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/RIJ6JSPeYLct3nu3g9QhU_5dP2Q.roa
Signing time: Thu 30 Oct 2025 15:21:03 +0000
ROA not before: Thu 30 Oct 2025 15:21:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 31.56.97.0/24 maxlen: 24
31.58.100.0/22 maxlen: 24
31.58.103.0/24 maxlen: 24
31.59.29.0/24 maxlen: 24
31.59.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:35:b5:45:69:1c:d2:d2:f9:2c:d7:4f:1b:15:98:94:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 30 15:21:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44827a2523de60b72dde7bb783d42153fe5d3f64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1b:8a:f0:26:d8:28:43:01:de:d1:ea:24:65:
bf:db:20:63:ab:91:33:35:63:09:d6:a5:3a:9b:0b:
06:b7:35:1b:8e:e5:35:e4:23:34:98:8e:a8:4c:43:
81:c9:97:86:89:df:56:85:d0:39:97:2b:02:18:3c:
09:b2:c6:3a:ed:6c:27:8c:6c:44:21:3e:20:cd:ec:
3f:80:e1:f6:0a:55:34:a0:8a:0d:00:20:74:6e:28:
1d:48:f8:cf:bb:fd:d9:59:42:8e:a0:7e:a8:7d:27:
bc:05:fa:ea:52:46:25:cd:b6:19:55:d5:eb:95:ce:
d1:80:44:7f:4a:c6:c4:f0:3f:15:3b:40:29:eb:31:
c6:48:de:fd:23:e6:77:5a:16:c2:c5:17:99:4e:19:
fd:78:f9:7a:85:5d:1d:ce:78:b2:61:d5:25:6c:68:
d0:9a:1f:fe:3a:1a:ec:a0:3b:db:13:df:80:33:45:
8c:79:72:92:89:65:21:86:69:29:6a:b9:30:c1:ce:
7b:84:76:1d:0d:c1:6b:50:68:70:4c:1d:b6:4d:99:
77:24:05:bd:f2:30:b7:00:21:8a:58:74:69:bb:06:
9e:5e:da:18:b3:7e:25:ec:09:52:06:e8:40:9b:33:
3d:a5:9f:2e:05:40:9e:25:86:1e:a7:75:80:ad:cd:
18:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:82:7A:25:23:DE:60:B7:2D:DE:7B:B7:83:D4:21:53:FE:5D:3F:64
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/RIJ6JSPeYLct3nu3g9QhU_5dP2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.97.0/24
31.58.100.0/22
31.59.29.0/24
31.59.34.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:4f:99:e6:55:92:a4:1d:cf:13:70:2c:72:22:c4:e7:b7:d3:
57:d4:65:bc:d7:06:32:ee:11:85:d9:9d:84:87:0d:87:bc:2f:
cf:c3:ba:c0:b8:94:15:c6:0c:65:de:a6:1c:9f:f5:38:8a:d3:
b0:a5:a5:01:3d:86:bc:a6:97:e5:2c:89:39:cb:8f:92:77:68:
0c:af:63:10:65:3a:af:4d:ec:5d:f3:c3:61:f1:1e:d3:b8:07:
54:e5:cf:ee:81:14:d1:7c:d4:ea:eb:2d:a5:55:fa:ae:1c:5f:
63:e8:7e:e6:19:61:0e:e9:78:8a:87:d7:6a:7a:fe:45:38:9c:
40:4e:85:48:ab:b1:8f:4a:1c:17:96:62:00:24:ae:67:e7:0f:
47:f5:c7:33:22:a6:07:50:43:3d:70:7c:45:67:4a:19:c6:43:
2f:28:7f:ba:01:ec:5c:33:bc:c5:50:46:6a:5c:c3:44:2a:eb:
dd:f0:a2:23:9e:69:fc:fe:92:ce:fa:6a:e5:fa:9a:78:9b:0c:
81:82:99:b6:87:50:7b:5b:6d:a3:02:01:66:10:e8:a8:90:a0:
74:1b:f2:e4:98:05:e5:26:4e:d6:de:87:8a:eb:42:69:16:d3:
53:5d:61:98:67:2a:a5:5d:52:77:ca:8b:63:8d:4d:80:93:f0:
03:73:88:f7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZo1tUVpHNLS+SzXTxsVmJRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMDMwMTUyMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDgyN2EyNTIzZGU2MGI3MmRkZTdiYjc4M2Q0MjE1M2ZlNWQzZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhuK8CbYKEMB3tHqJGW/2yBjq5Ez
NWMJ1qU6mwsGtzUbjuU15CM0mI6oTEOByZeGid9WhdA5lysCGDwJssY67WwnjGxE
IT4gzew/gOH2ClU0oIoNACB0bigdSPjPu/3ZWUKOoH6ofSe8BfrqUkYlzbYZVdXr
lc7RgER/SsbE8D8VO0Ap6zHGSN79I+Z3WhbCxReZThn9ePl6hV0dzniyYdUlbGjQ
mh/+OhrsoDvbE9+AM0WMeXKSiWUhhmkparkwwc57hHYdDcFrUGhwTB22TZl3JAW9
8jC3ACGKWHRpuwaeXtoYs34l7AlSBuhAmzM9pZ8uBUCeJYYep3WArc0YBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFESCeiUj3mC3Ld57t4PUIVP+XT9kMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUklKNkpTUGVZTGN0M251M2c5UWhVXzVkUDJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzhhAwQC
HzpkAwQAHzsdAwQAHzsiMA0GCSqGSIb3DQEBCwUAA4IBAQA7T5nmVZKkHc8TcCxy
IsTnt9NX1GW81wYy7hGF2Z2Ehw2HvC/Pw7rAuJQVxgxl3qYcn/U4itOwpaUBPYa8
ppflLIk5y4+Sd2gMr2MQZTqvTexd88Nh8R7TuAdU5c/ugRTRfNTq6y2lVfquHF9j
6H7mGWEO6XiKh9dqev5FOJxAToVIq7GPShwXlmIAJK5n5w9H9cczIqYHUEM9cHxF
Z0oZxkMvKH+6AexcM7zFUEZqXMNEKuvd8KIjnmn8/pLO+mrl+pp4mwyBgpm2h1B7
W22jAgFmEOiokKB0G/LkmAXlJk7W3oeK60JpFtNTXWGYZyqlXVJ3yotjjU2Ak/AD
c4j3
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:45:24 2025 by rpki-client